• 0 Posts
  • 47 Comments
Joined 2 years ago
Cake day: July 5th, 2023

  • I’d recommend using unifi/ubiquiti switches. They’re a bit pricey but they’re incredibly solid and you can manage them with a self hosted container of unifi controller software.

    A good place to start is one of their 8port POE switches. I have a couple and they’re L3 switches (so you can do VLAN stuff like you want), and I’ve never ever had a problem with any of them. Even with the inexpensive ones their POE budget is pretty good, and great to power other switches or APs. They don’t power some cameras so you might need injectors for some thirsty gear.

    The controller software is pretty good, and will let you manage the switches without getting into command line config at first (which can be a crutch so be cautious of that, especially if you want to branch out into other cheaper switches or take advantage of good 2nd hand gear deals you find).

    But for your network I think an 8 port and a WAP are a good place to start. Get away from using your combo router as your wireless AP (or use both) and get some VLANs set up, and work on inter-VLAN routing and firewall rules.

    How do you want to segment your network?

    I recommend you have the following to start:

    - management VLAN
    - trusted devices
    - guest/IoT devices

    Just getting those three set up correctly will teach you a lot and let you environment. Firewall/routing rules to allow connections through in certain directions and not others is… fun to get the hang of if you’re new.

    What are you planning on using as your router? Your combo router might tie your hands if that’s what you plan to use for everything. Combo routers generally suck at everything. You can get a cheap router also, edgerouter er-x is a fine choice but it’s not the best, but it’ll still outdo whatever you currently have, I’m sure. Put it behind your modem at your network edge and you can manage your vlan routing and your firewall on one device.

    Additionally you can set up a VPN server on one of your PCs and set up static routes to allow you to tunnel in and access your network when you’re out (wireguard for the win).

    Good luck on your journey! There’s a lot to learn so don’t get frustrated when your stuff doesn’t work. Back up your configs so you can revert back and be REALLY careful because it’s easy enough to make your stuff insecure by trying to make stuff work. Yeah it’ll function but next thing you know you’ve got a ransomware virus on your entire network… Not fun, I hear.

    As you set up your VLANs look into VLAN traversal, it’s a means of network attack that allows attackers to cross over from one VLAN to another when you set up trunk/switch ports and VLAN tagging incorrectly. Again, your stuff will work but it’ll be vulnerable (not really a problem at home as long as your firewall works fine but still).

    Edit: you can go with a router with several ports but I’d recommend you shy away from that if you have the money for dedicated devices. Routers are better at routing (L3) and switches are better at switching (L2). Their guts are built for different things and your network will be much faster if you use them for their intended purpose.
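The three-VLAN layout and the "allow in certain directions and not others" firewall rules from the comment above, as an added example that is not part of the original post or of any Ubiquiti/EdgeRouter software. It models a stateful forward chain in Python (the VLAN names, IDs, `vlanNN` interface names, addresses and sample flows are all constructed) and renders the same policy as an nftables forward chain, so the directional rules can be checked against concrete packets before they are typed into a real router.

```python
"""Added example (not from the original comment): a small model of the
inter-VLAN firewall policy the comment recommends (management / trusted /
guest-IoT) with stateful return traffic, plus a rendering of the same policy
as an nftables forward chain. VLAN names, IDs, interface names and the sample
flows are constructed for illustration."""
from dataclasses import dataclass, field

# Hypothetical VLAN plan; the IDs and "vlanNN" interface names are assumptions.
VLANS = {"mgmt": 10, "trusted": 20, "iot": 30}

# Which VLAN may *initiate* connections to which. Anything not listed is
# dropped. Replies to allowed flows are matched by connection tracking, so
# the reverse direction never gets its own rule; adding one "to make it work"
# is how IoT -> trusted quietly becomes allowed.
ALLOWED_INITIATIONS = {
    ("trusted", "mgmt"),  # admin workstation reaches switch/AP management
    ("trusted", "iot"),   # phones and laptops talk to TVs, speakers, etc.
}


@dataclass(frozen=True)
class Packet:
    src_vlan: str
    dst_vlan: str
    src_ip: str
    sport: int
    dst_ip: str
    dport: int


@dataclass
class StatefulFirewall:
    # Connection-tracking table: 4-tuples of flows that were accepted as new.
    conntrack: set = field(default_factory=set)

    def evaluate(self, p: Packet) -> str:
        if p.src_vlan == p.dst_vlan:
            # Never reaches the router's forward chain; the switch handles it.
            return "accept (same VLAN, switched)"
        # A reply has source and destination swapped relative to the tracked flow.
        if (p.dst_ip, p.dport, p.src_ip, p.sport) in self.conntrack:
            return "accept (established)"
        if (p.src_vlan, p.dst_vlan) in ALLOWED_INITIATIONS:
            self.conntrack.add((p.src_ip, p.sport, p.dst_ip, p.dport))
            return "accept (new)"
        return "drop"


def render_nftables() -> str:
    """Render the policy as an nftables forward chain (default policy drop)."""
    lines = [
        "table inet filter {",
        "    chain forward {",
        "        type filter hook forward priority 0; policy drop;",
        "        ct state established,related accept",
    ]
    for src, dst in sorted(ALLOWED_INITIATIONS):
        lines.append(
            f'        iifname "vlan{VLANS[src]}" oifname "vlan{VLANS[dst]}" ct state new accept'
        )
    lines += ["    }", "}"]
    return "\n".join(lines)


def demo() -> list:
    """Run a few constructed flows through the model and return the verdicts."""
    fw = StatefulFirewall()
    flows = [
        # Laptop on trusted opens a connection to a TV on IoT.
        Packet("trusted", "iot", "192.168.20.5", 50000, "192.168.30.7", 8008),
        # The TV's reply to that connection.
        Packet("iot", "trusted", "192.168.30.7", 8008, "192.168.20.5", 50000),
        # The TV trying to open SSH to the laptop on its own.
        Packet("iot", "trusted", "192.168.30.7", 40000, "192.168.20.5", 22),
        # An IoT device probing the switch management interface.
        Packet("iot", "mgmt", "192.168.30.7", 40001, "192.168.10.2", 443),
        # Two IoT devices talking to each other.
        Packet("iot", "iot", "192.168.30.7", 40002, "192.168.30.8", 80),
    ]
    return [fw.evaluate(p) for p in flows]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
    print(render_nftables())
```

The point to notice is that the reply from the IoT VLAN back to the trusted laptop is accepted only because the laptop opened the connection; the TV's own attempt to reach the laptop, and anything from IoT toward management, is dropped by the default policy without needing a deny rule for each case.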



  • I disagree with you about the degree, actually. A degree in compsci is a baseline in the tech industry, like certs. Not really on the security side, more on development. It depends on what they want to do and where they’re willing to move to, luck, etc for them to be successful. Overall bachelor’s degrees have gotten less valuable in general and compsci is not what it used to be, but it’s still a good foundation. Pair it with some CompTIA or CCNA certs and they’re off to the races if they want to be versatile, or they can go deeper into some code/architecture based stuff if they want to stay in development.

    The domain of AI isn’t cybersecurity, it’s data collection and data analysis. AI in its current form is laid on the foundation of massive quantities of data. Collecting, sorting, and cataloguing all of that in useful/indexable ways is the cornerstone of machine learning (AI).

    It’s hard to say where AI is going to take us in the next 10 years, but if your kids stay AI literate they should be pretty good. I hate Google but they have some of the best AI training on the market right now, so as much as I hate to recommend them as a source I have to be pragmatic and mention it if you’re going to recommend something to your kids for their success.

    I don’t really agree with your assessment of where AI currently is at. It sounds like you’re probably underestimating the current capabilities. The problem right now is we don’t know how to control it, not that it’s not capable enough. On top of that the pace of acceleration is insane so even if you’re on the mark and I’m not, the field will have shifted so far in 2-3 years that your position will no longer be correct and mine will be then. But, I do agree that cybersecurity isn’t really “the next domain” of AI, even if it’s integral to it like it is with all computer stuff.

    I don’t think they’d go wrong getting into security, it’s not going anywhere any time soon. If anything it’s going to continually grow with technical advancements and expansion of application.


  • I think everything you learn will for the most part apply everywhere, there’s just no singular definitive source for everything. It’s like saying you want to learn politics, or you want to learn construction, or you want to learn math. The field is so wide that you can’t just get a single book about everything.

    You definitely can specialize in sub fields though. My favorite areas are network architecture/security and social engineering. My primary skills lie in disaster planning and recovery though, because I migrated from a different industry where I applied pretty much the exact same thought methodology.


  • You can find plenty of free sec+ study materials to get you started. It is basic, yes, but real cyber security comes from understanding systems, protocols, and best practices and honestly I’m not sure there’s a good book that can give you that. I could be wrong, we’ll see other posts if they show up, but starting with sec+ material and then reading deeper on things would be my recommendation.

    Understanding active directory, Linux permissions and file structure, VPNs, firewalls, different security appliances, hashing, crypto methods/algorithms, handshakes, transmission protocols, VMs, cloud architectures, backup strategies, social engineering, etc - it all plays a part. You could find a number of books and resources about any of those things.

    Certs like LPI Linux essentials is pretty good if you’re unfamiliar with Linux basics, that’s another one to look into where you can find free study material.

    I guess what I’m saying is that cyber security is REALLY complicated and will always be tailored to the threats, the assets you’re trying to protect, available budget, and systems used. It’s why certs are the industry standard of recognition, because there’s really not a good way to gauge competency unless you’re assessed by another competent person in the field. And you may be AWESOME with an active directory setup but be lost in Linux, or need to work with embedded systems, but be weak in other areas because you’ve never worked with it, so certs kind of level the field so you can be at least aware of stuff if you’ve never worked with it.

    I would not consider myself an expert in the field but this is my perspective. You can learn for the next 10 years for free and by just experimenting on old hardware and with VMs and a robust LAN.

    The cyber landscape is so, so complex. There’s an endless number of options and potential vulnerabilities. Defense in depth can’t really be taught from a single book, but by identifying areas you’d like to learn more about can take you as far down the rabbit hole as you like.


  • As long as you vote for someone I don’t care whether you choose the candidate that I would vote for. There’s no wasted votes, I’ve voted 3rd party when the major candidates aren’t someone I can vote for in good conscience.

    If you abstain on “principle” because there isn’t a politician that perfectly aligns with your values then yeah, you’re just dumb and you’re part of the problem.

    About 60% of the country votes in the general election, much less in the primaries, and much, much less in local elections. People that don’t vote because they can’t be assed suck, but the ones that sit on a high horse and scoff at the system that they play a huge hand in perpetuating through some misguided moral high ground are literally the worst.


  • BJJ is one of the most “useful” when it comes to actually fighting (along with boxing).

    Karate and TKD are more of an art/discipline. A well trained karate fighter will very likely outmove an untrained assailant, but someone moderately trained in BJJ will likely be able to subdue/get away from a very well trained karate or TKD fighter.

    Honestly, BJJ is an amazing skill to have in a pinch, and it trains you in grappling with opponents that have a size/weight disparity.

    Not all gyms/dojos use belts, even in BJJ. BJJ belts follow a pretty good progression based on skill, whereas karate (can’t say for TKD, never trained in it personally) often relies on performance of kata in order to progress to the next belt. Kata is choreographed movements, it’s more like a dance that you practice than an actual measure of ability to spar/fight.

    If OP wants to get their kid into a fighting sport that’s fun and relatively safe, they can pick any discipline. If they want the added bonus of their kid being much better equipped to defend themself from a real aggressor they would do best getting them into BJJ, boxing, and then wrestling once they’re in middle/high school.

    I would personally avoid boxing for my own kids due to the repeated head trauma and risk of fractures, but it’s the best real world striking training you’ll get, at least in the USA. BJJ and wrestling help you immensely once you’re on the ground, which is where 90% of street fights go within the first couple seconds, but a real, dangerous, fight is often over before it starts and countering a sucker punch or landing a decisive one yourself before the opponent can react is often the most important thing.

    One of the downsides of BJJ is that it’s culturally tied to MMA in the USA now, which means that if OP’s kid does BJJ for a while in their youth they’ll be more inclined to get into MMA in early adulthood, which is not something I would want for my children. But it’s a great skill regardless.


  • pishadoot@sh.itjust.works to Selfhosted@lemmy.world, “DNS server”, 1 month ago

    Not trying to go down a rabbit hole, nor invade your teen’s privacy, but have you done any kind of packet inspection on what’s going out/in? Teens can surprise you with the kind of stuff they’re up to sometimes.

    I’m not sure why your resolver started acting up but what you’re describing doesn’t sound like normal cause/effect. Four people on a residential connection, even if you throw in a ton of electronic devices and iot/crap that calls home constantly shouldn’t cause any kind of ISP engagement.

    Not like it really matters, for 99.9% of people having a forwarder is easy and just fine and there isn’t good reason to troubleshoot it if there’s a working solution. I’m pretty privacy conscious and I don’t even think having my own forwarder is worth the hassle, I am just choosy about my upstream.



  • pishadoot@sh.itjust.works to Selfhosted@lemmy.world, “DNS server”, 1 month ago

    If pi hole is configured to use another DNS it will still forward your request, just not to your ISP DNS server. Essentially you’re providing your DNS requests to a 3rd party, for a slight boost to performance (because they’ll have tons of stuff cached and can do recursive queries faster if you’re requesting a site not in their cache.) Your web pages will load faster because you don’t have an SBC trying to manually figure out what’s the IP for bigfuckdaddyhairbrushemporium.net

    The downside is you’re exposing your DNS queries to a 3rd party and it’s a bit of a privacy hit, as the upstream DNS server you select has your public IP correlated with your DNS requests. Doesn’t really matter to most, but it does for some.




  • You haven’t really given enough information about your config to diagnose.

    If you’re able to access it from your local network but not your outside network it’s a port forwarding/firewall or routing issue. My guess is it’s a firewall issue either on your network edge (likely integrated into your router) or on your server that’s hosting immich.

    Unless you do one of the following you won’t be able to access it from outside your network:

    - set up a VPN and tunnel into your network. Wireguard or tailscale/zerotier will be easiest.

    - set up port forwarding correctly. Not my first choice, best to VPN in rather than poke holes in your firewall, especially if you’re a noob.

    - set up a reverse proxy. This is a bit more complicated than a VPN or overlay VPN (tail scale etc), but it works fine and will be secure as well.

    If you haven’t done one of those three things then you won’t be able to access anything from outside your network, for good reason - your firewall is by default set up to deny connections that are initiated from outside your network, so when you’re trying to connect from the outside it looks at your traffic trying to start a connection to your server and naw dawg’s it.

    Edit: just saw from another comment you’re not able to connect from your home Wi-Fi. If that’s the case, are you running a VPN on your phone? That can cause problems. Have you tried using the server’s local IP instead of your external IP? 192.168.x.x most likely. You can try to disable the server’s firewall and see if that lets you connect as well. Is your server on the same subnet as your phone? 192.168.1.x and 192.168.2.x won’t talk unless you set your router up correctly.

    Just shooting in the dark here without more info

    Edit2: if you’re running immich in a container or VM your configs on that might not be set up correctly to allow you to reach it as well. It can be a lot of things but my money is on firewall/routing somewhere. Start by making sure you’re trying to connect to the local IP of the server, then try to disable server firewall (don’t forget to enable it again whether that solves it or not), and see if that works.
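The troubleshooting order from the comment above (local IP first, then subnet, then host firewall/service) as a small added script; this is an illustration written for this page, not part of immich or of the original comment. All addresses are constructed, and the default port of 2283 is my assumption of immich's usual listening port, not something stated in the thread. The loopback listener stands in for the service so the script can be run with no network at all.

```python
"""Added example (not from the original comment): a local reachability
check in the order the comment suggests for a service that works on the LAN
but not elsewhere: first, are the client and the server's local address on
the same subnet; second, does a TCP connect to that local IP and port
succeed. Addresses are constructed; the port defaults to 2283, which is
assumed here to be immich's usual listening port."""
import ipaddress
import socket


def same_subnet(client_ip: str, server_ip: str, prefix_len: int) -> bool:
    """True if both addresses fall inside the same /prefix_len network."""
    client_net = ipaddress.ip_interface(f"{client_ip}/{prefix_len}").network
    return ipaddress.ip_address(server_ip) in client_net


def tcp_reachable(host: str, port: int, timeout: float = 1.0) -> bool:
    """Attempt a TCP connection; refused or timed out both count as unreachable."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def diagnose(client_ip: str, server_ip: str, prefix_len: int, port: int = 2283) -> str:
    """Return the first layer at which the local path fails, or 'ok'."""
    if not same_subnet(client_ip, server_ip, prefix_len):
        return ("routing: client and server are on different subnets; "
                "the router has to forward between them before anything else matters")
    if not tcp_reachable(server_ip, port):
        return ("firewall/service: same subnet but no TCP answer; check the host "
                "firewall and that the service (or its container) listens on that "
                "interface rather than only on localhost inside a VM/container")
    return "ok: service answers on its local address; the problem is outside the LAN path"


def start_test_listener():
    """Constructed stand-in for the service: a loopback socket listening on a
    free port. No accept loop is needed; the kernel completes the handshake."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen()
    return srv, srv.getsockname()[1]


if __name__ == "__main__":
    srv, port = start_test_listener()
    print(diagnose("127.0.0.1", "127.0.0.1", 8, port))   # ok
    print(diagnose("192.168.2.20", "192.168.1.10", 24))  # routing
    srv.close()
    print(diagnose("127.0.0.1", "127.0.0.1", 8, port))   # firewall/service
```

Checking the subnet before attempting any connection matters because a client on 192.168.2.x cannot even ARP for a server on 192.168.1.x; no amount of firewall toggling on the server changes that outcome.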


    Not saying you’re wrong, what you’re saying makes sense, but my cryptology classes described the stages of hashed authentication the way the guy you’re replying to describes things (client sends hash of password, server compares hashes).

    I’m not saying what I was taught (intro level cryptology) is correct, up to date, or into the technical weeds enough to distinguish, but can you provide a source that backs up your position?

    I’m very interested in this discussion and I’d like to see an authoritative source. I can pull the book I am referencing if you’d like, let me know and I’ll find it.
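The two login designs being compared in this exchange, written out side by side as an added example (not code from the thread or from any textbook): scheme A, where the client hashes the password and the server compares the received hash with the stored one, and scheme B, where the client sends the password over a channel assumed to be TLS-protected and the server checks it against a salted, slow hash that only the server computes. Usernames, passwords and the PBKDF2 iteration count are constructed. The last function checks the property that distinguishes the two: whether the server's own stored record, presented without the password, is enough to pass login.

```python
"""Added example (not from the thread): the two login designs under
discussion, written out so each one's properties can be checked directly.
Scheme A: the client hashes the password and the server compares the
received hash with the stored hash. Scheme B: the client sends the password
itself (over a TLS-protected channel, assumed here) and the server verifies
it against a salted, slow hash that only the server computes. Usernames,
passwords and the iteration count are constructed."""
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 200_000  # constructed; tune to your hardware budget


class ServerA:
    """Scheme A: stores sha256(password); expects the client to send the same."""

    def __init__(self):
        self.db = {}

    def register(self, user: str, password: str) -> None:
        self.db[user] = hashlib.sha256(password.encode()).hexdigest()

    def login(self, user: str, received_hash: str) -> bool:
        stored = self.db.get(user)
        return stored is not None and hmac.compare_digest(stored, received_hash)


def client_a_login(server: ServerA, user: str, password: str) -> bool:
    """What the client does in scheme A: hash locally, transmit the hash."""
    return server.login(user, hashlib.sha256(password.encode()).hexdigest())


class ServerB:
    """Scheme B: stores (salt, PBKDF2-HMAC-SHA256(password, salt)); the client
    sends the password and the server recomputes the hash itself."""

    def __init__(self):
        self.db = {}

    def register(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
        self.db[user] = (salt, digest)

    def login(self, user: str, password: str) -> bool:
        record = self.db.get(user)
        if record is None:
            # Do the same amount of work for unknown users so response time
            # does not reveal which usernames exist.
            hashlib.pbkdf2_hmac("sha256", password.encode(), b"\x00" * 16, PBKDF2_ITERATIONS)
            return False
        salt, digest = record
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
        return hmac.compare_digest(digest, candidate)


def stored_record_logs_in(scheme: str) -> bool:
    """Does presenting the server's own stored record, with no password, pass
    login? In A the stored value is exactly what the client transmits, so a
    copy of the database doubles as login material; in B it does not."""
    if scheme == "A":
        s = ServerA()
        s.register("alice", "correct horse battery staple")
        return s.login("alice", s.db["alice"])
    s = ServerB()
    s.register("alice", "correct horse battery staple")
    _salt, digest = s.db["alice"]
    return s.login("alice", digest.hex())


if __name__ == "__main__":
    print("scheme A, stored record presented as the credential:", stored_record_logs_in("A"))
    print("scheme B, stored record presented as the credential:", stored_record_logs_in("B"))
```

Both schemes accept the right password and reject a wrong one, so the difference does not show up in a normal login; it shows up in what a copy of the user table is worth, which is why the two are worth distinguishing rather than treating "hashed authentication" as one thing.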



  • I listen to podcasts to get to sleep. I have some earbuds that I can use single-sided, and either of the sides can connect on their own (doesn’t have a master/slave connection where only one actually connects to phone and slave connects to master)

    I go to bed with one or the other. During the night I might switch the bud to the other side, both sides can fit in either ear without falling out and the sound is fine, even though they’re designed for only one ear. YMMV with that.

    But this is the best way I’ve found.

    There’s little Bluetooth speakers or vibrator bars that are designed to sit underneath your pillow and they’re quiet enough that a partner won’t hear it, but you can. I’ve tried those as well but you have to have your head on the pillow in a specific way for them to work and I don’t like being “confined” to that specific position.

    I lie on my back and on both sides so this works best for me.